in a city of the future
it is difficult to concentrate
(@keunwoo's blog)

Wednesday, May 25, 2005

Spam and the Department of Justice

A recent Politech post, about the prospects of new spam legislation, notes that most existing spam already breaks at least one U.S. law. What's really needed is better enforcement of existing laws.

This past winter quarter, I helped organize a cross-disciplinary seminar (in the UW-CSE dept.) on technical and legal perspectives on software security. We got, among other things, a UW law prof and a US Attorney from the DOJ to come and give talks. (I'd tell you their names, but in light of the other crazy stuff I write on this blog, I suspect they'd rather not be associated with me on random Google searches.) One of the things that we learned was that state and local authorities don't have the jurisdictional rights to investigate and prosecute most computer crimes, and that federal law enforcement on all levels is incredibly underfunded given the amount of stuff that they need to enforce. Hence, enforcement of federal laws gets heavily triaged.

So, if you're an FBI agent or a US Attorney, you're basically going to go after bank robbers, drug dealers, child molesters, and terrorists... and, er, copyright infringers. Everybody else can wait in line. Whatever its aggregate cost to society, spamming is a "mere" crime of annoyance, and investigating it requires technical expertise that's in short supply in public sector law enforcement. Unless the Department of Justice gets lots more funding, and a real mandate comes down from on high to go after spammers, Congress can pass all the anti-spam laws it wants --- spammers aren't going to jail.*

From my own meager understanding of the current budgetary climate in Washington, that kind of budgetary boost for the DOJ, for anything besides anti-terrorism, isn't in the cards --- we're already deep in deficit, and tax cuts for the rich are more important than services for all.

* For strange historical reasons, the Secret Service is in charge of investigating certain kinds of computer crime, and they're now part of the Department of Homeland Security, but similar problems most likely apply.